search menu icon-carat-right cmu-wordmark

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated VU# CVSS Title
2021-05-24 2021-05-24 2021-06-17 VU#667933 Pulse Connect Secure Samba buffer overflow
2021-05-24 2021-05-24 2021-06-03 VU#799380 Devices supporting Bluetooth Core and Mesh Specifications are vulnerable to impersonation attacks and AuthValue disclosure
2021-01-19 2021-01-19 2021-06-02 VU#434904 Dnsmasq is vulnerable to memory corruption and cache poisoning
2021-05-25 2021-05-25 2021-05-25 VU#706695 Checkbox Survey insecurely deserializes ASP.NET View State data
2021-04-20 2021-04-20 2021-05-19 VU#213092 Pulse Connect Secure contains a use-after-free vulnerability
2020-12-08 2020-12-08 2021-05-11 VU#815128 Embedded TCP/IP stacks have memory corruption vulnerabilities
2021-02-04 2021-01-26 2021-04-26 VU#794544 Sudo set_cmd() is vulnerable to heap-based buffer overflow
2021-04-20 2021-04-20 2021-04-22 VU#567764 MySQL for Windows is vulnerable to privilege escalation due to OPENSSLDIR location
2020-09-16 2020-09-16 2021-03-19 VU#490028 Microsoft Windows Netlogon Remote Protocol (MS-NRPC) uses insecure AES-CFB8 initialization vector
2020-06-16 2020-06-16 2021-03-17 VU#257161 Treck IP stacks contain multiple vulnerabilities
2021-02-18 2021-02-18 2021-02-18 VU#240785 Atlassian Bitbucket on Windows is vulnerable to privilege escalation due to weak ACLs
2020-09-09 2020-09-09 2021-02-16 VU#589825 Devices supporting Bluetooth BR/EDR and LE using CTKD are vulnerable to key overwrite
2020-05-18 2020-04-14 2021-02-10 VU#647177 4.8 Bluetooth devices supporting BR/EDR are vulnerable to impersonation attacks
2021-02-09 2021-02-09 2021-02-09 VU#466044 Siemens Totally Integrated Automation Portal vulnerable to privilege escalation due to Node.js paths
2021-02-01 2021-02-01 2021-02-01 VU#125331 Adobe ColdFusion is vulnerable to privilege escalation due to weak ACLs

Sponsored by CISA.